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1. INTRODUCTION 

Intelligent Transport Systems (ITS) contains an enormous volume of data about various activities 
management based on different accounts, due to the growing demand for transportation services, 
competitiveness, and technological development; Organizational management needs a decision support tools, 
such as Dashboards. The ITS Dashboard is a set of pertinent data and indicators allowing a decision-making 
guidance to management in order to achieve the objectives [1], and to improve the quality of the 
service offered. 

The usage of dashboard is limited not only to public information but also to confidential 
information, which has a value of confidentiality to certain parties so that it needs some security controls [2]. 
Password authentication is an important security tool because it allows organizations to secure their 
dashboard by allowing only authenticated users (or processes) to access its protected resources, which can 
include synthetic views of past, present, and therefore the future of the company. 

Most computer systems, Internet-based environments, and networks use password authentication[3]. 
Once a Password (PW) or One Time Password (OTP) which is valid for the only certain amount of time or 
one session [4] has been entered, the system looks up it in the password hash. If the stored password matches 
the entered password for the specified username, the user is authenticated in that system. The adoption of the 
password in various formats [5], [6] without other operations is considered as a threat to the credibility of the 
systems and private information, because it is either simple or attacking quickly. 

The proposed framework attempts to develop a system which automates the control of the Password 
authentication process. It uses agent technology to notify the owner for each authentication request. 
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When any user tries to log in on the Transportation dashboard trough desktop or mobile Authentication 
Interface, a remote user notification is launched. The framework will be adapting the notification mode 
according to the event context. This paper presents the new model based on realization of an Intelligent 
Agent to act as a Notification System to inform and alert the concerned admin or owner, when trying to 
authenticate or change the state of an account. 


2. BACKGROUND 
2.1. Mobile agent paradigm 

Since the 1990s, with the development of computer network and computer communication 
technology, Mobile Agent technology is known as a high acceleration with various uses in many areas. So, it 
is a practical choice for many applications, for several reasons, including improvements in latency and 
bandwidth of client-server applications and reducing vulnerability to network disconnection [7]. Mobile 
Agent applied to mobile computation, M-commerce (especially mobile e-commerce) [8], [9], administration 
of networks, distributed information and so on. In computer science, the term agent can be associated with 
many different ideas: an agent is considered as a goal-oriented program with some learning ability [10], 
ability to move from machine to machine possibly in a heterogeneous network [11]. The program chooses 
when and where to migrate. It can suspend its execution at an arbitrary point, transport to another machine 
and resume execution on the new machine. It can dynamically adapt to individual users and can perform 
specific tasks autonomously in an environment. Thus, agent and its environment must come in a parallel for 
each taken action by the agent that would affect its environment and vice versa. 

The advantages of using mobile agent paradigms have been proposed by [12]. These advantages 
include: Overcoming Network Latency (ONL), Reducing Network Load (RNL), executing asynchronously 
and autonomously, adapting dynamically, operating in heterogeneous environments, and having robust and 
fault tolerant behavior. 

In the Notification Authentication Environment for the Agent, Agents represent owner or user how 
trying to login. When there is a new authentication request or new announcements available, Agents will 
react to its environmental changes, by sending the notification to authority-receptor (owner, administrator of 
the system, security partner) about every authentication request to access his account. 


2.2. Literature review 

In the literature, Agent-oriented programming is emerging as a popular programming paradigm for 
large and complicated system [13], [14]. An agent can learn from its interactions, or negotiation with other 
agents, and therefore exploit this information to notify for any new announcements made available. The 
Notification service offers the tool to enable the delivery of information about next events. The authors in 
paper [15] define a notification as a visual message, audible signal, or alert generated by an application or 
service that relays information to a user. More researches were being interested in agent notification. As [16] 
has proposed an Agent-Based monitoring and notification system in the wireless sensor network (WSN), 
where agents representing WSN nodes can report and send notification messages for critical events and 
vulnerabilities. Agent-Based approach explored by [17] to notify the smart grid about a change in air 
condition that affect load of a house. In [18] Alert Notification Service (ANS) represents a web service that 
automatically visits all requested websites selected by a specific user and alerts the user when a particular 
keyword phrase is changed. This action saves users' time and effort by reducing the repeatedly visiting 
multiple websites looking for some specific information or keywords. 

The use of mobile devices (voice calls, video calls, text messaging (SMS), and multimedia 
messaging (MMS)) on notification system is a result of inventing more advanced mobile devices and the 
rapid evolution in wireless network infrastructure [19],[20]. Mobile devices are used in many important 
activities of the agent system, because of its many properties of flexibility, mobility, and adaptability through 
small and light, and movable devices. 


2.3. Mobile notification in authentication process 

Notification service offers the means to enable the delivery of information about immediate events. 
Define a notification as a visual or auditory signal [15]. There are a variety of means that are used for sending 
data. Free services like Google Alerts [21] allow sending of emails when an interesting event of user appears. 

In mobile phones, notifications play an even more central role to “notify” users of new messages, 
events or actions. These are typically delivered instantly. For proper operation of the notifications, it is 
imperative to have a powerful mechanism for handling notifications. When a user is trying to authenticate, 
this action has triggered an event that requires notification by sending E-mail, SMS (phone), or Call Alerts 
the problem is that users exist in different timeframes. Within these different timeframes, some trying 
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authentication might be done, without the user is being notified early. An asynchronous communication must 
be enabled to delivering notification when the user is not connected to the system. The mobile notification 
system is one of the best selected methods. The decision to send notifications will be taken in the context of 
monitoring and authentication control and host control. 


3. PROBLEM STATEMENT 

There are several security levels which concerns in authentication like password schemes. Users 
have a tendency to use easy-to-remember passwords [22], [23], use the similar password for different 
accounts [3], and store these passwords on their systems insecurely, even if the case of strong password. This 
user may be vulnerable to threats especially family; thus forcing him to give the password to the enemy. The 
use of a simple notification system (SNS) on the login process requires an open connection without 
interruption. This is not economically and technically feasible. Add to this, SNS is limited when login on the 
device that we do not usually use, the notification mail about the login is sent to the registered address. 

The ability of agent technology to react dynamically in unfavorable situations and events facilitates 
the construction of distributed robust notification systems and insensitive to failures. If a host is stopped 
(failure connection), all agents running on they are alerted to move and continue their operation to another 
host. The agents become independent of the process that created them and can work asynchronously or even 
autonomously. 


4. MOBILE AGENT-BASED MODEL AND ITS IMPLEMENTATION 

Our company information system allows networking with different services administration. Those 
interconnections create vulnerabilities for control of the authentication process and the follow-up of traces in 
the case of threats. 


4.1. Authentication mobile agent 

An Authentication Mobile Agent (AMA) is an agent that can move from machine to machine in the 
agent-enabled network [7] in the distributed system. The use of authentication process is to verify the identity 
of a user, server, and so on. Before a service will be accessible, the service must learn the user’s identity. 
However, the authentication service needs a sophisticated notification system that keeps track of each 
successful or failed authentication attempt as shown in Figure 1. 
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4.2. The proposed system 

Notification of Authentication is carried out by different types of agents that perform specific 
function. Our proposed Architecture of Agent Notification System on Authentication Process (ANSAP) as 
shown in Figure 2 is a Mobile Agent based Notification System enables to verify the identity of the users 
connecting to system. When the user launches an authentication request, a Mobile Agent can wander from 
machine to machine in the agent-enabled network, to execute the request. Whatever the result, ANSAP will 
be sending asynchronous notifications into the mobile device of owner, because some Authentications 
request might be done without the owner awareness. 
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Figure 2. Architecture of agent notification system on authentication process 


For having access to the resource, the entity should be adequately authenticated. There are three 
main authentication methods: Smart Card, Biometric Characteristics, and Password. Using any of these 
methods can help do the authentication. In our case, the classical method is chosen; when the password 
authentication process starts, an Authentication Agent (AA) is activated to collect the username followed by 
a password. This information (username, password) required to be stored in the Database server at 
registration phase. Authentication process consists of three phases: Registration Phase (RP), Login Phase 
(LP) and Verification Phase (VP) [24]. When the user enters the password on the displayed interface on the 
screen at (LP), the system verifies the entered password by comparing it with a content of the password 
generated during registration. 

a. The ANSAP Framework: As mentioned before, an Asynchronous Communication Framework between 
the owner and the user who is trying to login. The idea is to provide this application on mobile device of 
owner to ensure his notification even as when moving. The model consists of the owner who receives 
notification, the user who tries to login and authentication request. When the user attempts to login on 
the Transportation System through desktop or mobile Authentication Interface, ANSAP receives 
Authentication Requests from login process through AA, stores them with GPS location and information 
about device used. After ANSAP executes the request by the strategy used, it will send notification 
according the obtained result to the owner through their Notification Agent (NAs). Our Framework 
performs all these functions through a set of autonomous agents: Detector Agent (DA) is a first agent 
that receives requests from the AA, sends it to Database Agent (DBA) to be stored in the database, and 
to Control Agent (CA). CA constructs a query and supplies DBA to retrieve the list of authorized- 
receptors of notification (Owner, Administrators, Security partner) if the case, and sends to Mediator 
Agent (MA). MA receives a list of receptors from the CA and deliver notifications to the NAs. 
Mobile device: In the role of owner who is notified once he is registered in Transportation Database. 
NAs: agent resides in the owner’ mobile device. It has a role of displaying notification to owner. 
d. Database server: Contains different pertinent data in concern of owner, owner account, mobile phone, 
and activities journal and so on. To interact with Database, DBA is an agent that resides in the database 
server. The DBA receives the various queries from the ANSAP agents: Insert, Select, and Update. 
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4.3. Demonstration 

The user can login with the Username and Password. These details are compared with stored 
identity in Transportation Database server. There are three possible scenarios to describe the several actions 
of an agent within this Framework. 
a. Scenariol: Successful Authentications 

This scenario illustrates a sequence of activities that happened when the user succeed in 
authentication. The changes in its environment trigger the agent. The detector agent will receive any request 
of authentication newly from authentication agent. Once the authentication succeeds, the MA will interact 
with the NA to alert on this. At that time, the system provides access to the real platform, and different 
actions and communications of ANSAP agents are illustrated as shown in Figure 3. After authentication, the 
employee will receive notifications reminding him of meetings, scheduled tasks, etc. However, these types of 
notification events are outside this paper. 
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Figure 3. Successful authentications 


b. Scenario 2: Falsification Test gives positive result 

The first scenario is expanded to describe a situation in which a user uses a falsify password for 
authentication. With this new change, CA constructs a fake query for supplies DBA when test gives a 
positive result as shown in Figure 4. For security reasons, ANSAP will automatically block the relevant 
account, and allow the user authenticated to another fake platform. The MA will send an urgent alert to 
security partner and services. 
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Figure 4. Falsification test gives a positive result 
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c. Scenario 3: Falsification Test gives an adverse result 

When the test of fake query gives an adverse result and considering to the number of failed 
authentication attempts, (ANSAP) will notify owner in the first failed authentication attempt. Secondly, 
Administrator of the system and the owner will be warned. On the third failed attempts, the Administrator 
will be alerted so that this account will be automatically blocked owing to security policy measures as shown 
in Figure 5. 
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Figure 5. Falsification test gives a negative result 


4.4. Implementation 

To notify the user during an authentication process, anywhere and in real-time by auto-sending SMS 
notification is not always guaranteed. In wireless networks, disconnection and failure to deliver notification 
are possible. So, the MA is responsible for sending the notification to the NAs until ensuring that all 
authorized-receptors have received notification as show in Table 1. 


Table 1. Result of Different Scenarios 


Scenario 1 Scenario 2 Scenario 3 
ANSAP sends notification "Account It is one of the most difficult situations, Depending on the number of failed tries, 
Accessed" automatically to the owner. where the administrator receives "Urgent the administrator and the owner receive 


Notification" on the threat from ANSAP, a notification "Account Failed" 
which will help to move quickly to protect 
the person and the company 


Account Access 


Urgent Notification 
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Employee "Nasro" is threatened 


Employee "Nasro" failed to connect 


5. DISCUSSION 

The use of wireless and mobile devices in ANSAP allows providing users with efficient services 
and sharing information about their account, without need to use a specific mobile phone or a service. Hence, 
the system is widely adoptable without making big changes, and it is independent of any proprietary data 
format which makes it easy to be used by different grid management software. The objective is always how 
making it harder for the hacker and attacker to impersonate someone and login to his account. After using 
ANSAP, we noticed improvements in safety and speed in making the right decisions, to prevent many threats 
and trace their proportions and analyze their causes. As such, cannot overlook that one of the critical factors 
in a successful security strategy is user adherence to the procedure itself. Mobile technologies can be the best 
ally of any security strategy in identity protection and follow the authentication process addition the cost of 
notification via cellular network or Wi-Fi is almost zero and achieves a very high user satisfaction rate. 
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6. TOOLS USED 

To use of mobile agent’s techniques, the system must have a mobility framework for all of the agent 
modes, including the navigation model. For the lifecycle model, we need services to create, destroy, start, 
suspend, and stop, etc., agents [25]. 

JADE (Java Agent Development Environment) [26], [27] is a software Framework to be run under 
Java Environment with a flexible infrastructure. It is a middleware developed by TILAB that simplifies the 
development of agent based applications, where the agent platform can be distributed across several 
machines (Heterogeneous OS) and the configuration can be changed at run-time by moving agents from one 
machine to another one, as and when required. JADE is written entirely in Java [13], [27]. It publishes their 
services in DF-Agent-Description as defined by the FIPA specification [28]. A DF Agent-Description 
includes one or more service-descriptions, each one describing a service provided by the registering different 
agents used in ANSAP where MA match IDs of APs recipient using the DF. A service-description typically 
specifies, among others, one or more ontology that must be known to access the published service. 

The FIPA Agent Communication Act uses a seven-layer model from the application layer of the 
classical OSI reference model. The sub-layers include, in ascending order; Transport, Encoding, Messaging, 
Ontology, Content Expression, Communication Act and Interaction Protocol (IP) [29]. The layered 
architecture is geared towards optimizing communication performance between agents in MAS [30]. The 
chosen platform for design and implementation is the JADE-LEAP [25], [31] framework because it enables 
developing agents on mobile device. 


7. CONCLUSION 

In this paper, we have proposed an agent Notification System to track the Authentication process in 
real time, to make it more flexible and reliable. The use of Agent technology is the next direction for 
computing, especially the mobile platform that has low resources and runs on ubiquitous wireless networks to 
help the system to reach owner. Agents have come to stay and to change the client-server approach, as 
mobile agents allow the processing of information to be done locally, instead of transmitting the data over a 
network thereby reducing the network overload. 
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